I sent a message to adrelanos, the person developing the Whonix
system, to make him aware of this discussion. I think pfSense may have
the potential to provide a much more powerful and flexible replacement
for the Whonix Gateway. pfSense could be used to serve needs that the
Whonix Gateway currently is not designed for, but pfSense can still
serve the very narrow set of use cases that the Whonix system is
currently the best tool for.
Beyond that, pfSense can do things that we haven't even thought of
yet. one thing I've discussed with adrelanos is a Tor-friendly ISP
that could provide a Tor gateway that will forcibly torify all
communications. Some other very important use cases are:
* Making it easy for someone to conceal the location of a Tor hidden
service, even if it gets rooted (which Whonix theoretically could do).
* Making it easy for someone to run a Tor relay or bridge.
And more!
On Wed, Jun 26, 2013 at 3:57 PM, Brian Callahan <bcallah at devio.us> wrote:
> On 06/26/13 15:45, badon wrote:
>>>> The mention of PBI's is interesting, because I just installed PCBSD too,
>> and I think that's what PCBSD uses.
>>> Makes sense, as both are based off FreeBSD ;-) The PBI is a PCBSD invention,
> but afaik the framework (though not necessarily the individual PBI packages)
> will work on any FreeBSD-based system, including vanilla FreeBSD.
>>>> There is already a PBI in PCBSD, but I'm not sure if that's suitable for
>> Pfsense or not.
>>> I would say "probably not" to this. But the mechanism for generating a
> suitable PBI for pfsense should be similar if not identical to PCBSD (if you
> know how to do that).
>> Otherwise - consider this a bump to George for making a pfsense Tor PBI :)
>> ~Brian